Job Details

Apply Now
Or apply with these other sources
Terms of use

Refer Job:
  • Share this on Facebook
  • Share this on LinkedIn

Add Add to Saved Jobs


Information Security Senior Analyst


Up to £60k dependent on experience

The Information security team uses a wide variety of and Information Security, technical and communication skills to proactively help the business differentiate its services within the market. Our goal is to help increase profits whilst reducing reputational, operational, financial, and technology risks. We deal with a diverse range of issues including, Nation State hacking, malware attacks, regulatory compliance, data loss prevention, risk frameworks and network security.

The role of the Information Security Analyst within the Information security team is to provide the day-to-day security operations. This includes overseeing the delivery of out-sourced security services provided by our suppliers and providing the primary first line interface for all incidents.

A major responsibility of the role is to ensure that the existing systems and any new systems are secure, and that any security related incidents are dealt with quickly and lessons learnt to continually improve our controls.

The successful candidate will believe that Information Security is an enabler for a business and not a blocker, they will understand that pragmatism needs to be balanced with risk. The successful candidate will also have a clear vision of how Information Security can be used as a market differentiator.

Developing Capability and Performance:

· Provide the incident management function for all operational security issues on a day-to-day basis.

· Act as the primary risk assessor for all IT projects, and advice on appropriate controls.

· Assessing and assisting in the creation, testing and implementing disaster recovery and business continuity plans.

· Manage out-sourced security service providers.

· Management of the penetration test and remediation process.

· Analyze external threats and incorporate appropriate controls into the Digital Security framework and update information security directives and standards.

· Assist with information security awareness initiatives including conducting user presentations, conference calls and WebEx’s'.

· Liaise with the legal department and Data Privacy champion to ensure appropriate external requirements are identified, understood, adopted, and maintained.

· Annually conducts a security maturity assessment (or security posture) for the account.

· Coach junior member of the team.

Background and Skills:

· At least 2-3 years' experience in an information security role and demonstrate a clear understanding of security related issues.

· Experience in security controls design and operation.

· Experience in conducting risk assessments.

· Knowledge of ISO27001/2.

· Knowledge of Sarbanes Oxley.

· Knowledge of Data Privacy.


· Degree or equivalent experience in computer science, telecommunications, networking, engineering or another computer-related field (Higher degree preferred).

Technical Knowledge:

· Good understanding of general IT.

· General understanding of malware types, delivery mechanisms and detection tools.

Soft Skills:

· Strong ownership of tasks and issues through to resolution (must demonstrate tenacity and persistence).

· Excellent communication skills, relationship building and interpersonal skills.

· Strong analytical skills.

· Able to multi-task and prioritise workload and a strong capability to manage and deliver multiple engagements simultaneously.

· Self-motivated and the ability to work under own initiative, with the ability to work individually and as part of a team.


· BSc or MSc degree in Information Security.

· CISSP - Certified Information Systems Security Professional

· CISM – Certified Information Security Manager.

· Willing to complete a MSc in Information Security.

Background and Skills:

  • Good understanding of project delivery frameworks.
  • Experience with vendor management
  • Project management skills
  • Experience with the implementation and support of operational security management processes.